package com.lushuan.ch10_springboot_security.config;

import org.springframework.security.access.PermissionEvaluator;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Component;

import java.io.Serializable;

@Component
public class CustomPermissionEvaluator implements PermissionEvaluator {

    @Override
    public boolean hasPermission(Authentication auth, Object targetDomainObject, Object permission) {
        if (auth == null || targetDomainObject == null || !(permission instanceof String)) {
            return false;
        }

        // 自定义权限检查逻辑
        return checkPermission(auth, targetDomainObject, permission.toString());
    }

    // 自定义权限检查逻辑
    private boolean checkPermission(Authentication auth, Object targetDomainObject, String toString) {
        return true;
    }

    @Override
    public boolean hasPermission(Authentication auth, Serializable targetId, String targetType, Object permission) {
        // 实现基于ID的权限检查
        return false;
    }
}
